From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Roese Date: Wed, 5 Oct 2011 12:40:04 +0200 Subject: [U-Boot] ubifs: memory possibly not freed In-Reply-To: <4E85F18C.9060904@ge.com> References: <4E85F18C.9060904@ge.com> Message-ID: <201110051240.04452.sr@denx.de> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hi Renaud, On Friday 30 September 2011 18:42:52 Renaud Barbier wrote: > Looking at the function ubifs_finddir in the file fs/ubifs/ubifs.c, > I was wondering if some memory had not been freed before > the function returns. > > > 287 static int ubifs_finddir(struct super_block *sb, char *dirname, > 288 unsigned long root_inum, unsigned long *inum) > 289 { > ... > > 299 file = kzalloc(sizeof(struct file), 0); > 300 dentry = kzalloc(sizeof(struct dentry), 0); > 301 dir = kzalloc(sizeof(struct inode), 0); > > .... > 336 if ((strncmp(dirname, (char *)dent->name, nm.len) == > 0) && > 337 (strlen(dirname) == nm.len)) { > 338 *inum = le64_to_cpu(dent->inum); > 339 return 1; > 340 } > > Line 339 returns without freeing file, dentry and dir. > > Maybe wrong but could somebody check that. Yes, you definitely seem to be correct here. Thanks for catching this. Do you want to sent a patch fixing this? That would be great. Otherwise I'll try to come up with a patch soon... Thanks, Stefan -- DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-0 Fax: (+49)-8142-66989-80 Email: office at denx.de